Filtered by vendor Zimbra
Subscriptions
Filtered by product Collaboration
Subscriptions
Total
49 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-45515 | 1 Zimbra | 3 Collaboration, Zimbra, Zimbra Collaboration Suite | 2025-08-07 | 6.1 Medium |
| An issue was discovered in Zimbra Collaboration (ZCS) through 10.1. A Cross-Site Scripting (XSS) vulnerability exists in Zimbra webmail due to insufficient validation of the content type metadata when importing files into the briefcase. Attackers can exploit this issue by crafting a file with manipulated metadata, allowing them to bypass content type checks and execute arbitrary JavaScript within the victim's session. | ||||
| CVE-2022-27926 | 1 Zimbra | 1 Collaboration | 2025-07-30 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability in the /public/launchNewWindow.jsp component of Zimbra Collaboration (aka ZCS) 9.0 allows unauthenticated attackers to execute arbitrary web script or HTML via request parameters. | ||||
| CVE-2022-24682 | 1 Zimbra | 1 Collaboration | 2025-07-30 | 6.1 Medium |
| An issue was discovered in the Calendar feature in Zimbra Collaboration Suite 8.8.x before 8.8.15 patch 30 (update 1), as exploited in the wild starting in December 2021. An attacker could place HTML containing executable JavaScript inside element attributes. This markup becomes unescaped, causing arbitrary markup to be injected into the document. | ||||
| CVE-2022-27924 | 1 Zimbra | 1 Collaboration | 2025-07-30 | 7.5 High |
| Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance. These memcache commands becomes unescaped, causing an overwrite of arbitrary cached entries. | ||||
| CVE-2022-27925 | 1 Zimbra | 1 Collaboration | 2025-07-30 | 7.2 High |
| Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated user with administrator rights has the ability to upload arbitrary files to the system, leading to directory traversal. | ||||
| CVE-2022-37042 | 1 Zimbra | 1 Collaboration | 2025-07-30 | 9.8 Critical |
| Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading to directory traversal and remote code execution. NOTE: this issue exists because of an incomplete fix for CVE-2022-27925. | ||||
| CVE-2022-41352 | 1 Zimbra | 1 Collaboration | 2025-07-30 | 9.8 Critical |
| An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavis via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that can lead to incorrect access to any other user accounts. Zimbra recommends pax over cpio. Also, pax is in the prerequisites of Zimbra on Ubuntu; however, pax is no longer part of a default Red Hat installation after RHEL 6 (or CentOS 6). Once pax is installed, amavis automatically prefers it over cpio. | ||||
| CVE-2023-34192 | 1 Zimbra | 1 Collaboration | 2025-07-30 | 9 Critical |
| Cross Site Scripting vulnerability in Zimbra ZCS v.8.8.15 allows a remote authenticated attacker to execute arbitrary code via a crafted script to the /h/autoSaveDraft function. | ||||
| CVE-2024-27443 | 1 Zimbra | 1 Collaboration | 2025-07-30 | 6.1 Medium |
| An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. A Cross-Site Scripting (XSS) vulnerability exists in the CalendarInvite feature of the Zimbra webmail classic user interface, because of improper input validation in the handling of the calendar header. An attacker can exploit this via an email message containing a crafted calendar header with an embedded XSS payload. When a victim views this message in the Zimbra webmail classic interface, the payload is executed in the context of the victim's session, potentially leading to execution of arbitrary JavaScript code. | ||||
| CVE-2024-45519 | 1 Zimbra | 2 Collaboration, Zimbra Collaboration Suite | 2025-07-30 | 10 Critical |
| The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands. | ||||
| CVE-2022-41347 | 1 Zimbra | 1 Collaboration | 2025-05-21 | 7.8 High |
| An issue was discovered in Zimbra Collaboration (ZCS) 8.8.x and 9.x (e.g., 8.8.15). The Sudo configuration permits the zimbra user to execute the NGINX binary as root with arbitrary parameters. As part of its intended functionality, NGINX can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root. | ||||
| CVE-2022-41351 | 1 Zimbra | 1 Collaboration | 2025-05-15 | 6.1 Medium |
| In Zimbra Collaboration Suite (ZCS) 8.8.15, at the URL /h/calendar, one can trigger XSS by adding JavaScript code to the view parameter and changing the value of the uncheck parameter to a string (instead of default value of 10). | ||||
| CVE-2022-41350 | 1 Zimbra | 1 Collaboration | 2025-05-15 | 6.1 Medium |
| In Zimbra Collaboration Suite (ZCS) 8.8.15, /h/search?action=voicemail&action=listen accepts a phone parameter that is vulnerable to Reflected XSS. This allows executing arbitrary JavaScript on the victim's machine. | ||||
| CVE-2022-41349 | 1 Zimbra | 1 Collaboration | 2025-05-15 | 6.1 Medium |
| In Zimbra Collaboration Suite (ZCS) 8.8.15, the URL at /h/compose accepts an attachUrl parameter that is vulnerable to Reflected XSS. This allows executing arbitrary JavaScript on the victim's machine. | ||||
| CVE-2022-41348 | 1 Zimbra | 1 Collaboration | 2025-05-15 | 6.1 Medium |
| An issue was discovered in Zimbra Collaboration (ZCS) 9.0. XSS can occur via the onerror attribute of an IMG element, leading to information disclosure. | ||||
| CVE-2023-45206 | 1 Zimbra | 1 Collaboration | 2025-05-07 | 6.1 Medium |
| An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0, and 10.0. Through the help document endpoint in webmail, an attacker can inject JavaScript or HTML code that leads to cross-site scripting (XSS). (Adding an adequate message to avoid malicious code will mitigate this issue.) | ||||
| CVE-2022-45912 | 1 Zimbra | 1 Collaboration | 2025-04-24 | 7.2 High |
| An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. Remote code execution can occur through ClientUploader by an authenticated admin user. An authenticated admin user can upload files through the ClientUploader utility, and traverse to any other directory for remote code execution. | ||||
| CVE-2022-45913 | 1 Zimbra | 1 Collaboration | 2025-04-09 | 6.1 Medium |
| An issue was discovered in Zimbra Collaboration (ZCS) 9.0. XSS can occur via one of attributes in webmail URLs to execute arbitrary JavaScript code, leading to information disclosure. | ||||
| CVE-2022-45911 | 1 Zimbra | 1 Collaboration | 2025-04-09 | 6.1 Medium |
| An issue was discovered in Zimbra Collaboration (ZCS) 9.0. XSS can occur on the Classic UI login page by injecting arbitrary JavaScript code in the username field. This occurs before the user logs into the system, which means that even if the attacker executes arbitrary JavaScript, they will not get any sensitive information. | ||||
| CVE-2025-27915 | 1 Zimbra | 1 Collaboration | 2025-04-02 | 5.4 Medium |
| An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0 and 10.1. A stored cross-site scripting (XSS) vulnerability exists in the Classic Web Client due to insufficient sanitization of HTML content in ICS files. When a user views an e-mail message containing a malicious ICS entry, its embedded JavaScript executes via an ontoggle event inside a <details> tag. This allows an attacker to run arbitrary JavaScript within the victim's session, potentially leading to unauthorized actions such as setting e-mail filters to redirect messages to an attacker-controlled address. As a result, an attacker can perform unauthorized actions on the victim's account, including e-mail redirection and data exfiltration. | ||||